S CSC250: Fall 2010 Schedule

Introduction To Computer Security - Parkland    

Last Modified:
Monday, 30-Aug-2010 14:37:48 CDT

CSC250 Fall 2010 - Schedule


First 8 Weeks at a Glance:

Week 1
Aug. 23
Week 2
Aug 30
Week 3
Sept 7 (Sept 6, Labor Day)
Week 4
Sept 13
Week 5
Sept 20
Week 6
Sept 27
Week 7
Oct 4
Week 8
Oct 11

Second 8 Weeks at a Glance

Week 9
Oct 18
Week 10
Oct 25
Week 11
Nov 1
Week 12
Nov 8
Week 13
Nov 15
Week 14
Nov 22
(Thxgvg begins at 5pm on Nov 24)
Week 15
Nov 29
Week 16
Dec 6

Week 1: Aug. 23

O verview of Computer Security Introduction, History, Overview

For Next Week:
  • Exercise 1:
    CERT Overview and RFC1281 and RFC1296.
    15 Points, You may take this as many times as you wish before Midnight Sept 7 (Sept 6, Labor Day) .
  • Be prepared to discuss the RFC's next week for a 15 point lab.
  • Participation Week 1-4:
    Log on to Angel and make some postings and join our discussion about computer security. Be sure to comment on the CERT overview and RFC1281 and RFC2196.
    10 Points Participation, Due by Sept 20 Midnight.
  • Lab 1:
    We will run a packet sniffer and login to our Linux accounts and our Angel accounts.

| Top | CSC250 Home

Week 2: Aug 30

Understanding the need for and procedures used in keeping your systems up to date.

In Class today we will be discussing the RFC's and the CERT Overview. We will also be reading an article on the web and talking about it in class.

You will participate in the discussion for 15 lab points.



For Next Week:
  • Homework 1 and Presentation 1,
    Send me a 1-2 page typed report in e-mail before class on how you updated your system. Be sure that you run MS Baseline Security Analyzer on your system. It is a binary that you downoad and run locally. 25 points for the presentation and 15 points for the Report.
    Due Sept 13 at the beginning of class.

| Top | CSC250 Home

Week 3: Sept 7 (Sept 6, Labor Day)

No Class this Week.


For Next week:





Participation Lab Week 1-4:
Log on to Angel and make some postings and join our discussion about computer security.
10 Points Participation,
Due by: Sept 20 at Midnight.

| Top | CSC250 Home

Week 4: Sept 13

Student Presentations on their security audit.
Each Student will get up to 10 minutes to tell the class about their home computer security audit.

Security Discussion:
Quiz 1 Review Sheet
Data Ownership Classifications


For Next week:


Quiz at the beginning of class next week. 25 points.

Participation Lab Week 1-4:
Log on to Angel and make some postings and join our discussion about computer security.
10 Points Participation, Due by Midnight Sept 20 .


| Top | CSC250 Home

Week 5: Sept 20

Security and privacy on the internet.

Quiz at the beginning of class this week. 25 points.

Student Presentations on securing their machines continued if not done.

This week in class we will be learning about how to find out where those rogue machines are, and who is supposed to be managing them.



For Next Week:
Legal and Ethical Issues
-->
Homework - whois.
Run whois on 10 different IP addresses that you find and write down who is the manager of the network for the IP address.
10 points, bring your results to class, hand in and we'll look them up too.

Participation Lab Week 5-8:
Log on to Angel and make some postings and join our discussion about computer security.
10 Points Participation, Due by Midnight Oct 18 .

| Top | CSC250 Home

Week 6: Sept 27

Finish Student Presentations, hand in 10 IP addresses.

DoS Attacks and Legal and Ethical Issues in Computer Security



Quiz 1



We may not get to DoS attacks today so we are taking that subject up next week. The DoS attacks Exercise is due as noted below.

Denial of service is defined as an event that renders the service of the system that is under DoS attack unusable. It is important to note that you may be suceptable to a DoS attack even though you have no identifiable vulnerability in your systems.

Legal Ethical and Professional Issues in Computer Security. We will be covering some of these issues in an interactive class discussion. -->
Links, Reading and Discussion Topics:


For Next Week:

Exercise 2 - DoS Attacks
Due by Oct 11 at midnight.


| Top | CSC250 Home

Week 7: Oct 4


We will be picking up on the spam lecture next week. For this week you should sign up for a security e-mail newsletter and then come next week telling what security newsletter you subscribed to and bring in a sheet detailing one e-mail that you got from the list and do a report on the vulnerability that you found out about. 25 points typed report and 25 points presentation on vulnerability. Be sure to include details on how the vulnerability is accessed, technical details about how the vulnerability works and what systems are affected. Do not just show up with an e-mail, I want your interpretation showing that you understand how the vulnerability works in technical terms.

Sources: CERT e-mail list, SANS e-mail list, Microsoft e-mail lists, ntbugtraq list and many others. If you do not know what list to subscribe to, post on the discussion board and others may have ideas.


e-mail sendmail and spam

Continue DOS Lecture and Start on spam

e-mail, sendmail and spam Lecture

Testing a Relay
The short story to Test a Relay

AUTH a little known service
Screenshot of an AUTH Packet Capture
procmail at procmail.org
The Apache SpamAssassin Project
For Next Week:

| Top | CSC250 Home

Week 8: Oct 11

e-mail, sendmail and spam:

e-mail, sendmail and spam Lecture

Testing a Relay
The short story to Test a Relay

AUTH a little known service
Screenshot of an AUTH Packet Capture




Labs:
For Next Week:

There will be a test in week 10 covering all the material we have studied so far

Participation Week 5-8
Due by Midnight Oct 18


Exercise 3 - e-mail, sendmail and whois
Due by Midnight Oct 18 .

| Top | CSC250 Home

Week 9: Oct 18


Presentations on a recent Vulnerability from an e-mail listserve

Port Scanning and Packet Sniffing Technology

TCP/IP, ports and DoS Attacks:
Labs:
nmap and packet sniffing lab

For Next Week:

| Top | CSC250 Home

Week 10: Oct 25

More on Port Scanning and Packet Sniffing Technology

Midterm Next week covering everything so far.

TCP/IP, port scanning and Packet Sniffing:
Labs:
Lab - nmap II more on running nmap

For Next Week:

  • Exercise 4 - nmap and ports
    Due by midnight Nov 1 .
  • There will be a Quiz on nmap and portscanning in week 12. You will have to answer questions about it and you will have to run it.

| Top | CSC250 Home

Week 11: Nov 1



Midterm It does not include NMAP


Lab:



For Next Week:
Week 9-12 Participation: Discuss Computer Security on the discussion board for 10 points.
Due by: Midnight Nov 15

| Top | CSC250 Home

Week 12: Nov 8


Quiz on nmap and portscanning next week 25 points.


Cryptography: The Basics


Introduction to Cryptography

Quiz on nmap at the beginning of class next week.


Cryptography Web Pages

Warez defined at Wikipedia



Labs:


Lab: Deploying One-way EncryptionUsing MD5 to check file integrity.
In class on Nov 8 .

Lab: Implications of Hashing



For Next Week:

Exercise - Encryption and Authentication:
Due by: Midnight Nov 15


Participation Week 9-12 - 10 Points
Due By Midnight Nov 15

| Top | CSC250 Home

Week 13: Nov 15

Cryptography: Putting it all together



Cryptography Web Pages

Kerberos, a cryptographic authentication scheme

Demonstration of:
Digital Certificates, and HTTPS for Secure Transport Layer Security over HTTP.
SSL Handshake
Creating your own Certificate Authority and/or placing a signed certificate on your server
Viewing Approved Certificate Authorities in your Browser
Screenshots of SSL Key Exchange


Participation Week 13-16:
Log on to Angel and make some postings and join our discussion about computer security.
10 Points Participation, Due by Midnight Dec 13




Lab Web Page: tunneling clear-text protocols through an encrypted tunnel.

Lab: tunneling clear-text protocols through an encrypted tunnel.

Homework Assignment:
Bring in a 1 page written presentation on some security subject that you have learned about this Semester. You will make a presentation to the class on the subject. 10 points for the written report. 15 points for the Presentation. Your presentation will include a web page that you have written.

| Top | CSC250 Home

Week 14: Nov 22
(Thxgvg begins at 5pm on Nov 24)



Links Reading Class Overview:

Firewalls

Links From Students:
From JMotton Basic PC security article at CERT
From Kweaver Denial of Service Attacks at Wikipedia
From Rmcclary Limiting Priviliges for users in XP
From Mwilliams CIA and other Obversations

For Next Week:
Exercise 6 - Firewalls
Due by Midnight Dec 6

Participation Week 13-16:
Log on to Angel and make some postings and join our discussion about computer security.
10 Points Participation, Due by Midnight [an error occurred while processing this directive].


| Top | CSC250 Home

Week 15: Nov 29

Firewalls

Firewalls, packet filtering, TCP wrappers and Access Control
Lab:

We will be installing the BackOrifice root kit and checking it's operation in class.

| Top | CSC250 Home

Week 16: Dec 6

Wrap-up, review and sources of information.


Final Review


Lab:

You get 10 points for just showing up.

| Top | CSC250 Home

Finals Week: Finals week Dec 13-17 Official Finals Schedule

The Final Will be over all material.
Final: Monday Dec. 14 at 2-4pm

| Top | CSC250 Home


| Top |